Identity authentication, number saving and sending, and number binding method, apparatus and device

ABSTRACT

Disclosed are an identity authentication, number saving and sending, and number binding method, apparatus and device. The identity authentication method comprises: receiving a user identity authentication request sent by a data authentication platform client, wherein the user identity authentication request comprises user authentication information and user identification information, and a data authentication platform server pre-stores the user authentication information and a registration number and a password, which correspond to the user identification information; acquiring, according to the user identification information, the user authentication information pre-stored in the data authentication platform server; matching the user authentication information in the acquired user identity authentication request with the acquired user authentication information pre-stored in the data authentication platform server; when the matching is successful, receiving a result, sent by the data authentication platform client, of confirming the acquisition of the registration number by a user.

CROSS REFERENCE TO RELATED APPLICATION

The present application is a continuation application of theInternational Patent Application No. PCT/CN2019/102787, filed on Aug.27, 2019, and titled “IDENTITY AUTHENTICATION, NUMBER SAVING ANDSENDING, AND NUMBER BINDING METHOD, APPARATUS AND DEVICE,” which claimspriority to Chinese Patent Application No. 201811248773.6 filed on Oct.25, 2018. The entire contents of all of the above applications areincorporated herein by reference in their entirety.

TECHNICAL FIELD

This application relates to the field of Internet financialtechnologies, and in particular, to an identity authentication, numbersaving and sending, and number binding method, apparatus and device.

BACKGROUND

With the development and application of Internet financial technologies,more users choose to use quick payment when shopping, which improvespayment experience of the users. To implement quick payment, a bank cardor a bank account of a user may be bound to an e-wallet or a cashierserver of an online merchant in advance. In this way, when paying forgoods, the user does not need to log in to an e-bank, and the bank doesnot need to perform any verification, so that the online payment isextremely simplified and rapid. Generally, when the bank card or thebank account of the user is bound to the e-wallet or the cashier serverof the online merchant, the identity of the user needs to beauthenticated, to confirm that the operator is a legal holder of thebank card or the bank account.

The identity of the user may be authenticated in various manners.However, currently, in some overseas countries without a central unifiedID system and countries where users often change mobile phone numberswithout real-name registration, or in other similar scenarios, themanner of identity authentication is limited. For example, in theforegoing scenarios, it may be impossible to use common identityauthentication methods such as face recognition and SMS verificationcode. Using the overseas market scenario as an example, generally, acard number and a validity period of a credit card are saved in ane-wallet or a cashier of an online merchant, and identity authenticationis performed by using 3 domain security (3DS). This method can alsoimplement identity authentication and quick payment. However, in such anidentity authentication manner, each intermedia link in a payment path,including an order receiving bank, a card association, and a cardissuing bank needs to perform computation and charges a fee, whichresults in a low computing efficiency for the computer system toauthenticate users and/or bind their payment accounts with a paymentapplication (e.g., a payment Application installed on a mobile phone),in addition to high costs of the identity authentication manner.Moreover, in security verification based on 3DS, the securityverification code of a user may be easily stolen by wrongdoers throughfraud or the like, causing the user to lose money. Therefore, theidentity authentication manner has low security. In addition, theidentity authentication manner involves many intermediate links, it isinconvenient for a user to perform quick payment, and the user mayactively give up the payment. Therefore, the identity authenticationmanner leads to a low payment success rate.

SUMMARY

The embodiments of this application provide an identity authentication,number saving and sending, and number binding method, apparatus anddevice. Problems of high costs, low security, low payment success rate,and the like caused by the 3DS identity authentication manner inexisting technologies are resolved or alleviated.

To resolve the foregoing technical problems, the embodiments of thisapplication are implemented as follows.

An embodiment of this application provides an identity authenticationmethod, including: receiving a user identity authentication request sentby a client of a data authentication platform, where the user identityauthentication request includes user authentication information and useridentification information, and a server of the data authenticationplatform pre-stores user authentication information and a registrationnumber and a secret token that correspond to the user identificationinformation; obtaining, according to the user identificationinformation, the user authentication information pre-stored in theserver of the data authentication platform; matching the userauthentication information in the received user identity authenticationrequest with the obtained user authentication information pre-stored inthe server of the data authentication platform; receiving, when thematching succeeds, a confirmation result of the user for obtainingregistration number, where the confirmation result is sent by the clientof the data authentication platform; obtaining the registration numberand the corresponding secret token of the user according to the receivedconfirmation result; and sending the obtained registration number andcorresponding secret token of the user to a third-party organizationserver.

An embodiment of this application provides a number saving and sendingmethod, including: receiving a registration number and a correspondingsecret token of a user sent by a server of a data authenticationplatform; matching the received secret token corresponding to theregistration number of the user with pre-stored secret tokens sent bythe server of the data authentication platform in batches, where thesecret tokens sent in batches are associated with pre-stored useridentification information; saving the received registration number ofthe user when the matching succeeds, where the saved registration numberof the user is associated with the pre-stored user identificationinformation of the user; receiving a user number binding request sent bya third-party organization client, where the user number binding requestincludes user authentication information and user identificationinformation; obtaining, according to the user identificationinformation, user authentication information pre-stored in a third-partyorganization server; matching the user authentication information in thereceived user number binding request with the obtained userauthentication information pre-stored in the third-party organizationserver; obtaining the registration number of the user according to theuser identification information when the matching succeeds; and sendingthe obtained registration number of the user to the third-partyorganization client.

An embodiment of this application provides a number binding method,including: receiving a user number binding request and sending the usernumber binding request to a third-party organization server, where theuser number binding request includes user authentication information anduser identification information; receiving, when the third-partyorganization server succeeds in matching the user authenticationinformation, a registration number of a user sent by the third-partyorganization server; and obtaining a confirmation result of the user fornumber binding, where the number binding is successful.

An embodiment of this application provides an identity authenticationapparatus, including: a request receiving module, an informationobtaining module, an information matching module, a result receivingmodule, a number and secret token obtaining module, and a number andsecret token sending module, where the request receiving module isconfigured to receive a user identity authentication request sent by aclient of a data authentication platform, where the user identityauthentication request includes user authentication information and useridentification information, and a server of the data authenticationplatform pre-stores user authentication information and a registrationnumber and a secret token that correspond to the user identificationinformation; the information obtaining module is configured to obtain,according to the user identification information, the userauthentication information pre-stored in the server of the dataauthentication platform; the information matching module is configuredto match the user authentication information in the received useridentity authentication request with the obtained user authenticationinformation pre-stored in the server of the data authenticationplatform; the result receiving module is configured to receive, when thematching succeeds, a confirmation result of the user for obtainingregistration number, where the confirmation result is sent by the clientof the data authentication platform; the number and secret tokenobtaining module is configured to obtain the registration number and thecorresponding secret token of the user according to the receivedconfirmation result; and the number and secret token sending module isconfigured to send the obtained registration number and correspondingsecret token of the user to a third-party organization server.

An embodiment of this application provides a number saving and sendingapparatus, including: a number and secret token receiving module, asecret token matching module, a number saving module, a requestreceiving module, an information obtaining module, an informationmatching module, a number obtaining module, and a number sending module,where the number and secret token receiving module is configured toreceive a registration number and a corresponding secret token of a usersent by a server of a data authentication platform; the secret tokenmatching module is configured to match the received secret tokencorresponding to the registration number of the user with pre-storedsecret tokens sent by the server of the data authentication platform inbatches, where the secret tokens sent in batches are associated withpre-stored user identification information; the number saving module isconfigured to save the received registration number of the user when thematching succeeds, where the saved registration number of the user isassociated with the pre-stored user identification information of theuser; the request receiving module is configured to receive a usernumber binding request sent by a third-party organization client, wherethe user number binding request includes user authentication informationand user identification information; the information obtaining module isconfigured to obtain, according to the user identification information,user authentication information pre-stored in a third-party organizationserver; the information matching module is configured to match the userauthentication information in the received user number binding requestwith the obtained user authentication information pre-stored in thethird-party organization server; the number obtaining module isconfigured to obtain the registration number of the user according tothe user identification information when the matching succeeds; and thenumber sending module is configured to send the obtained registrationnumber of the user to the third-party organization client.

An embodiment of this application provides a number binding apparatus,including: a request receiving module, a request sending module, anumber receiving module, and a result receiving module, where therequest receiving module is configured to receive a user number bindingrequest; the request sending module is configured to send the usernumber binding request to a third-party organization server, where theuser number binding request includes user authentication information anduser identification information; the number receiving module isconfigured to receive, when the third-party organization server succeedsin matching the user authentication information, a registration numberof a user sent by the third-party organization server; and the resultreceiving module is configured to receive a confirmation result of theuser for number binding, where the number binding is successful.

An embodiment of this application provides an identity authenticationdevice, including a memory and a processor, where the memory stores aprogram, and the program is configured to cause the processor to performthe identity authentication method.

An embodiment of this application provides a number saving and sendingdevice, including a memory and a processor, where the memory stores aprogram, and the program is configured to cause the processor to performthe number saving and sending method.

An embodiment of this application provides a number binding device,including a memory and a processor, where the memory stores a program,and the program is configured to cause the processor to perform thenumber binding method.

An embodiment of this application provides a system for identityauthentication, number saving and sending, and number binding, includingan identity authentication apparatus, a number saving and sendingapparatus, and a number binding apparatus.

In some embodiments, a computer-implemented authentication method foridentity authentication and registration number binding comprises:receiving, by one or more servers of a data authentication platform, auser identity authentication request of a user sent by a client of thedata authentication platform, wherein the user identity authenticationrequest comprises (i) first user authentication information and (ii)user identification information, and the one or more servers of the dataauthentication platform pre-store (i) second user authenticationinformation and (ii) a registration number and a secret token thatcorrespond to the user identification information; obtaining, by the oneor more servers according to the user identification information, thesecond user authentication information pre-stored in the one or moreservers of the data authentication platform; matching, by the one ormore servers, the first user authentication information in the receiveduser identity authentication request with the obtained second userauthentication information pre-stored in the server of the dataauthentication platform; when the matching succeeds and when receiving,by the one or more servers from the client of the data authenticationplatform, a request for obtaining registration number, obtaining, by theone or more servers, the registration number and the correspondingsecret token of the user according to the received confirmation result;and sending, by the one or more servers, the obtained registrationnumber and corresponding secret token of the user to a third-partyorganization server.

In some embodiments, the method further comprises: receiving, by thethird-party organization server, the registration number and thecorresponding secret token of the user from the one or more servers ofthe data authentication platform; matching, by the third-partyorganization server, the received secret token corresponding to theregistration number of the user with pre-stored secret tokens sent bythe one or more servers of the data authentication platform; when thematching between the received secret token and the pre-stored secrettokens succeeds, saving, by the third-party organization server, thereceived registration number of the user in association with pre-storeduser identification information of the user in the third-partyorganization server; receiving, by the third-party organization server,a user number binding request from a third-party organization client,wherein the user number binding request comprises (i) the first userauthentication information and (ii) the user identification information;obtaining, by the third-party organization server according to the useridentification information, third user authentication informationpre-stored in the third-party organization server; matching, by thethird-party organization server, the first user authenticationinformation in the received user number binding request with theobtained third user authentication information pre-stored in thethird-party organization server; when the matching between the firstuser authentication information and the third user authenticationinformation succeeds, obtaining, by the third-party organization server,the saved registration number of the user according to the useridentification information in the received user number binding request;and sending, by the third-party organization server, the obtained savedregistration number of the user to the third-party organization client.

In some embodiments, the method further comprises: receiving, by thethird-party organization client, the registration number of the userfrom the third-party organization server; and receiving, by thethird-party organization client, a confirmation by the user for bindingthe registration number.

In some embodiments, the registration number corresponds to a paymentaccount, and the method further comprises: receiving, by the third-partyorganization server from the third-party organization client, aconfirmation of the registration number of the user sent from thethird-party organization server, wherein the confirmation indicates asuccess in binding the payment account with a payment applicationmaintained by the third-party organization server and accessible fromthe third-party organization client.

In some embodiments, one or more non-transitory computer-readablestorage media storing instructions executable by one or more processors,wherein execution of the instructions causes the one or more processorsto perform operations comprising: receiving a user identityauthentication request of a user sent by a client of a dataauthentication platform, wherein the user identity authenticationrequest comprises (i) first user authentication information and (ii)user identification information, and one or more servers of the dataauthentication platform pre-store (i) second user authenticationinformation and (ii) a registration number and a secret token thatcorrespond to the user identification information; obtaining, accordingto the user identification information, the second user authenticationinformation pre-stored in the one or more servers of the dataauthentication platform; matching the first user authenticationinformation in the received user identity authentication request withthe obtained second user authentication information pre-stored in theserver of the data authentication platform; when the matching succeedsand when receiving, from the client of the data authentication platform,a request for obtaining registration number, obtaining the registrationnumber and the corresponding secret token of the user according to thereceived confirmation result; and sending the obtained registrationnumber and corresponding secret token of the user to a third-partyorganization server.

In some embodiments, the operations further comprise: receiving theregistration number and the corresponding secret token of the user fromthe one or more servers of the data authentication platform; matchingthe received secret token corresponding to the registration number ofthe user with pre-stored secret tokens sent by the one or more serversof the data authentication platform; when the matching between thereceived secret token and the pre-stored secret tokens succeeds, savingthe received registration number of the user in association withpre-stored user identification information of the user in thethird-party organization server; receiving a user number binding requestfrom a third-party organization client, wherein the user number bindingrequest comprises (i) the first user authentication information and (ii)the user identification information; obtaining, according to the useridentification information, third user authentication informationpre-stored in the third-party organization server; matching the firstuser authentication information in the received user number bindingrequest with the obtained third user authentication informationpre-stored in the third-party organization server; when the matchingbetween the first user authentication information and the third userauthentication information succeeds, obtaining the saved registrationnumber of the user according to the user identification information inthe received user number binding request; and sending the obtained savedregistration number of the user to the third-party organization client.

A system comprising one or more processors and one or morenon-transitory computer-readable memories coupled to the one or moreprocessors and configured with instructions executable by the one ormore processors to cause the system to perform operations comprising:receiving a user identity authentication request of a user sent by aclient of a data authentication platform, wherein the user identityauthentication request comprises (i) first user authenticationinformation and (ii) user identification information, and one or moreservers of the data authentication platform pre-store (i) second userauthentication information and (ii) a registration number and a secrettoken that correspond to the user identification information; obtaining,according to the user identification information, the second userauthentication information pre-stored in the one or more servers of thedata authentication platform; matching the first user authenticationinformation in the received user identity authentication request withthe obtained second user authentication information pre-stored in theserver of the data authentication platform; when the matching succeedsand when receiving, from the client of the data authentication platform,a request for obtaining registration number, obtaining the registrationnumber and the corresponding secret token of the user according to thereceived confirmation result; and sending the obtained registrationnumber and corresponding secret token of the user to a third-partyorganization server.

At least one of the foregoing technical solutions used in theembodiments of this application can achieve the following beneficialeffects: a data authentication platform is directly connected to athird-party organization, without joining in a 3DS system of a cardassociation. Thus, the overall computing efficiency for the system toauthenticate users and/or bind their payment accounts with a paymentapplication (e.g., a payment Application installed on a mobile phone) isimproved, because many intermediate transaction links are obviated. Inaddition, no fee is charged in intermediate transaction links, andtransaction costs are low. The disclosed systems and methods involvefewer intermediate transaction links, resulting in a short transactionpath and achieving high security and payment success rate, therebyrealizing identity authentication for quick card binding in a countrywithout a central unified ID system.

BRIEF DESCRIPTION OF THE DRAWINGS

To describe the technical solutions in the embodiments of thisapplication or in existing technologies more clearly, the followingbriefly introduces the accompanying drawings required for describing theembodiments or the prior art. Apparently, the accompanying drawings inthe following description show merely some embodiments of thisapplication, and a person of ordinary skill in the art may still deriveother drawings from these accompanying drawings without creativeefforts.

FIG. 1 is a schematic flowchart of an identity authentication method,according to an embodiment of this application;

FIG. 2 is a schematic flowchart of a number saving and sending method,according to an embodiment of this application;

FIG. 3 is a schematic flowchart of a number binding method, according toan embodiment of this application;

FIG. 4 is a schematic structural diagram of an identity authenticationapparatus, according to an embodiment of this application;

FIG. 5 is a schematic structural diagram of a number saving and sendingapparatus, according to an embodiment of this application;

FIG. 6 is a schematic structural diagram of a number binding apparatus,according to an embodiment of this application; and

FIG. 7 is a schematic structural diagram of a system for identityauthentication, number saving and sending, and number binding, accordingto an embodiment of this application.

DETAILED DESCRIPTION

The embodiments of this application provide an identity authentication,number saving and sending, and number binding method, apparatus anddevice.

To enable a person skilled in the art to better understand the technicalsolutions in this application, the technical solutions of theembodiments of this application will be described clearly and thoroughlybelow with reference to the accompanying drawings of the embodiments ofthis application. Apparently, the described embodiments are merely somerather than all of the embodiments of this application. All otherembodiments obtained by a person of ordinary skill in the art based onthe embodiments of this application without creative efforts shall fallwithin the protection scope of this application.

In some overseas countries without a central unified ID system andcountries where users often change mobile phone numbers withoutreal-name registration, it is impossible to use identity authenticationmethods that are commonly used at home, such as face recognition and SMSverification code. To address the foregoing difficulty in identityauthentication and card binding, bank channels with a credible identityauthentication capability, such as bank branches, ATMs, e-banks, andmobile banking are fully used, to replace the card binding operation ina third-party organization with an activation operation in a bankchannel with a credible identity authentication capability.

In the following embodiments of this application, for example, a dataauthentication platform is a quick payment partner bank, a third-partyorganization is Alipay, and a registration number is a bank card numberand/or a bank account.

In some embodiments, an example of a method performed by one or morecomputing devices (e.g., one or more servers at the side of the quickpayment partner bank) is described with reference to FIG. 1.

FIG. 1 is a schematic flowchart of an identity authentication method,according to an embodiment of this application. The schematic flowchartincludes the following steps.

Step 105. Receiving a user identity authentication request sent by aclient of a data authentication platform, where the user identityauthentication request includes user authentication information and useridentification information, and a server of the data authenticationplatform pre-stores user authentication information and a registrationnumber and a secret token that correspond to the user identificationinformation.

In some embodiments, a user is a customer of the quick payment partnerbank and is also a customer of the third-party organization.

In some embodiments, for example, identity authentication is performedby using mobile banking of China Merchants Bank. A user Zhang San logsin to the mobile banking of China Merchants Bank and initiates anidentity authentication request. The identity authentication requestincludes user authentication information and user identificationinformation of Zhang San for logging in to the mobile banking, the useridentification information includes an ID number, a mobile phone number,and a bank card number or a bank account, and the user authenticationinformation includes a password and/or a verification code.

In some embodiments, after obtaining the user authentication informationand the user identification information, a mobile banking client ofChina Merchants Bank sends the user authentication information and theuser identification information to a server of China Merchants Bank.

As an optional implementation, in some embodiments, the user Zhang Sanis a pre-registered user before the client of the data authenticationplatform initiates the user identity authentication request. To improvethe number of users binding cards by using the identity authenticationmethod in the technical solution, the bank sends a red envelope (e.g., amonetary gift provided through a computer network) to pre-registeredusers. In some embodiments, before step 105 is performed, the quickpayment partner bank generates irreversible unique secret tokens byusing one or more bank card numbers and/or bank accounts of one or morepre-registered users, and sends the generated secret tokens to an Alipayserver in batches. In some embodiments, for example, China MerchantsBank generates irreversible unique secret tokens by using bank cardnumbers 6225999878762456 and 6225999878762457 of Zhang San and bank cardnumbers 6224890999097890 of Li Si, and sends the generated secret tokensto the Alipay server. The secret token is invisible to the outside, andneither the user nor others can obtain the content of the secret token.The secret token is encrypted and transmitted to the Alipay serverthrough a private security network connection (VPN or a private line).

Step 110. Obtaining, according to the user identification information,the user authentication information pre-stored in the server of the dataauthentication platform.

In some embodiments, the user authentication information of Zhang San,such as the password and/or the verification code, pre-stored in theserver of China Merchants Bank is obtained according to the useridentification information of Zhang San obtained in step 105.

As an optional implementation, in some embodiments, the quick paymentpartner bank allocates a unique identification (ID) corresponding to theuser identification information to each customer in advance, and each IDis associated with a plurality of bank card numbers and/or bank accountsof the customer and corresponding secret tokens. ID of Zhang San on theserver side of China Merchants Bank is 00000000, and bank card numbersof Zhang San in China Merchants Bank are 6225999878762456 and6225999878762457. The ID is associated with the bank card numbers andcorresponding secret tokens. After step 105, the user authenticationinformation pre-stored in the server of the data authentication platformis obtained according to the unique ID.

Step 115. Matching the user authentication information in the receiveduser identity authentication request with the obtained userauthentication information pre-stored in the server of the dataauthentication platform.

In some embodiments, the password and/or the verification code obtainedin step 105 are/is matched with the user authentication information ofZhang San obtained from the server of China Merchants Bank according tothe user identification information of Zhang San in step 110.

Step 120. Receiving, when the matching succeeds, a confirmation resultof the user for obtaining registration number, where the confirmationresult is sent by the client of the data authentication platform.

In some embodiments, when the matching operation in step 115 succeedsand the user clicks a button “Registration number,” the server of thedata authentication platform obtains a result of clicking the button“Registration number” by the user.

Step 125. Obtaining the registration number and the corresponding secrettoken of the user according to the received confirmation result.

As an optional implementation, each registration number and eachcorresponding secret token of the user are obtained; alternatively, eachobtained registration number of the user is sent to the client of thedata authentication platform, and a registration number selected by theuser and a secret token corresponding to the registration numberselected by the user are obtained. In some embodiments, for example,each registration number and each corresponding secret token of the userare obtained.

Step 130. Sending the obtained registration number and correspondingsecret token of the user to a third-party organization server.

In some embodiments, the quick payment partner bank automatically sends,to the third-party organization server, a bank card number and acorresponding secret token and/or a bank account and a correspondingsecret token of a pre-registered user that need to be saved in thethird-party organization server. Further, in some embodiments, the bankcard number 6225999878762456 and the corresponding secret token and thebank card number 6225999878762457 and the corresponding secret token ofZhang San are sent to the Alipay server.

Compared with existing technologies, the foregoing technical solutionused in the embodiments of this application can achieve the followingbeneficial effects: a bank is directly connected to Alipay, withoutjoining in a 3DS system of a card association; no fee is charged inintermediate transaction links, and transaction costs are low; thisapplication involves few intermediate transaction links, has a shorttransaction path, and achieves high security and payment success rate,thereby realizing identity authentication for quick card binding in acountry without a central unified ID system. A pre-registered user mayreceive a red envelope; both the bank and Alipay may make full use ofrespective channel advantages to promote the quick payment and acquirecustomers, thereby ensuring a high customer conversion rate and cardbinding success rate.

In some embodiments, an example of a method performed by one or morecomputing devices (e.g., one or more servers at the side of thethird-party organization) is described with reference to FIG. 2.

FIG. 2 is a schematic flowchart of a number saving and sending method,according to an embodiment of this application. The schematic flowchartincludes the following steps.

Step 205. Receiving a registration number and a corresponding secrettoken of a user sent by a server of a data authentication platform.

In some embodiments, the server of China Merchants Bank receives thebank card numbers 6225999878762456 and 6225999878762457 of Zhang San andalso receives secret tokens corresponding to the two bank card numbersof Zhang San.

As an optional implementation, before step 205, the server of ChinaMerchants Bank receives secret tokens respectively generated by theserver of the data authentication platform according to one or moreregistration numbers of the one or more users. In some embodiments,secret tokens respectively generated by using the bank card numbers6225999878762456 and 6225999878762457 of Zhang San and a secret tokengenerated by using a bank card number 6224890999097890 of Li Si arereceived.

Step 210. Matching the received secret token corresponding to theregistration number of the user with pre-stored secret tokens sent bythe server of the data authentication platform in batches, where thesecret tokens sent in batches are associated with pre-stored useridentification information.

In some embodiments, the secret token corresponding to the bank cardnumber 6225999878762456 of Zhang San and the secret token correspondingto the bank card number 6225999878762457 of Zhang San that are receivedin step 205 are matched with secret tokens that are pre-stored in theAlipay server and that are sent by the server of the data authenticationplatform in batches.

Step 215. Saving the received registration number of the user when thematching succeeds, where the saved registration number of the user isassociated with the pre-stored user identification information of theuser.

In some embodiments, when the matching operation in step 210 succeeds,the received bank card numbers 6225999878762456 and 6225999878762457 ofZhang San are saved into the user identification information of ZhangSan.

Step 220. Receiving a user number binding request sent by a third-partyorganization client, where the user number binding request includes userauthentication information and user identification information.

In some embodiments, Zhang San logs in to the Alipay client andinitiates a number binding request. The number binding request includesuser authentication information and user identification information ofZhang San for logging in to the Alipay client, the user identificationinformation includes a mobile phone number or an ID number, and the userauthentication information includes a password and/or a verificationcode.

Step 225. Obtaining, according to the user identification information,user authentication information pre-stored in a third-party organizationserver.

In some embodiments, user authentication information registered by ZhangSan in the Alipay server is obtained according to the obtained useridentification information, such as a mobile phone number or an IDnumber, of Zhang San for logging in to the Alipay client.

As an optional implementation, in some embodiments, the Alipay serverpre-stores a unique ID corresponding to the user identificationinformation of Zhang San, and the user authentication information ofZhang San pre-stored in the Alipay server is obtained according to theunique ID.

Step 230. Matching the user authentication information in the receiveduser number binding request with the obtained user authenticationinformation pre-stored in the third-party organization server.

In some embodiments, the mobile phone number or the ID number and thepassword and/or the verification code in the number binding requestreceived in step 220 are matched with the obtained mobile phone numberor the ID number and the password and/or the verification code of ZhangSan pre-stored in the Alipay server.

Step 235. Obtaining the registration number of the user according to theuser identification information when the matching succeeds.

In some embodiments, when matching of the user authenticationinformation succeeds, the bank card numbers 6225999878762456 and6225999878762457 of Zhang San are obtained according to the useridentification information such as the mobile phone number or the IDnumber of Zhang San.

As an optional implementation, in some embodiments, the ID of Zhang Sanin the Alipay server is 000000. The bank card numbers 6225999878762456and 6225999878762457 of Zhang San are obtained according to the ID ofZhang San.

Step 240. Sending the obtained registration number of the user to thethird-party organization client.

In some embodiments, the bank card numbers 6225999878762456 and6225999878762457 of Zhang San obtained in step 235 are sent to theAlipay client.

In some embodiments, an example of a method performed by one or morecomputing devices (e.g., one or more clients at the side of thethird-party organization) is described with reference to FIG. 3.

FIG. 3 is a schematic flowchart of a number binding method, according toan embodiment of this application. The schematic flowchart includes thefollowing steps.

Step 305. Receiving a user number binding request and sending the usernumber binding request to a third-party organization server, where theuser number binding request includes user authentication information anduser identification information.

In some embodiments, a user initiates a number binding request in theAlipay client. The number binding request includes user authenticationinformation and user identification information, the user identificationinformation includes a mobile phone number or an ID number, and the userauthentication information includes a password and/or a verificationcode. The Alipay client sends the user authentication information andthe user identification information to the Alipay server.

Step 310. Receiving, when the third-party organization server succeedsin matching the user authentication information, a registration numberof a user sent by the third-party organization server.

As an optional implementation, a registration number selected by theuser and sent by the third-party organization server is received; oreach registration number of the user sent by the third-partyorganization server is received and a registration number selected bythe user is obtained.

In some embodiments, when the Alipay server succeeds in matching theuser authentication information, the bank card numbers 6225999878762456and 6225999878762457 of Zhang San sent by the Alipay server arereceived. The bank card numbers 6225999878762456 and 6225999878762457are displayed on an interface of the Alipay client.

As an optional implementation, in some embodiments, when Zhang Sanselects the bank card number 6225999878762456, the Alipay clientreceives a result that the Zhang San selects the bank card number6225999878762456.

Step 315. Receiving a confirmation result of the user for numberbinding, where the number binding is successful.

In some embodiments, when Zhang San clicks the button “Bind the number,”the Alipay client receives a result of clicking the button “Bind thenumber” by Zhang San, and the number is bound successfully.

As an optional implementation, when Zhang San clicks the button “Do notbind the number,” the Alipay client receives a result of clicking thebutton “Do not bind the number” by Zhang San, and the number bindingfails.

FIG. 4 is a schematic structural diagram of an identity authenticationapparatus, according to an embodiment of this application. The schematicstructural diagram includes: a request receiving module 405, aninformation obtaining module 410, an information matching module 415, aresult receiving module 420, a number and secret token obtaining module425, and a number and secret token sending module 430.

The request receiving module 405 is configured to receive a useridentity authentication request sent by a client of a dataauthentication platform, where the user identity authentication requestincludes user authentication information and user identificationinformation, and a server of the data authentication platform pre-storesuser authentication information and a registration number and a secrettoken that correspond to the user identification information.

The information obtaining module 410 is configured to obtain, accordingto the user identification information, the user authenticationinformation pre-stored in the server of the data authenticationplatform.

The information matching module 415 is configured to match the userauthentication information in the received user identity authenticationrequest with the obtained user authentication information pre-stored inthe server of the data authentication platform.

The result receiving module 420 is configured to receive, when thematching succeeds, a confirmation result of the user for obtainingregistration number, where the confirmation result is sent by the clientof the data authentication platform.

The number and secret token obtaining module 425 is configured to obtainthe registration number and the corresponding secret token of the useraccording to the received confirmation result.

The number and secret token sending module 430 is configured to send theobtained registration number and corresponding secret token of the userto a third-party organization server.

Optionally, the number and secret token obtaining module is configuredto obtain each registration number and each corresponding secret tokenof the user; or send each obtained registration number of the user tothe client of the data authentication platform and obtain a registrationnumber selected by the user and a secret token corresponding to theregistration number selected by the user.

Optionally, the user is a pre-registered user; the apparatus furtherincludes a secret token generation module and a secret token sendingmodule; before the request receiving module receives the user identityauthentication request sent by the client of the data authenticationplatform, the secret token generation module is configured torespectively generate irreversible unique secret tokens by using one ormore registration numbers of one or more pre-registered users.

The secret token sending module is configured to send the generatedsecret tokens to the third-party organization server in batches.

Optionally, the server of the data authentication platform pre-stores aunique ID corresponding to the user identification information, andafter the request receiving module receives the user identityauthentication request sent by the client of the data authenticationplatform, the information obtaining module is further configured toobtain, according to the unique ID, the user authentication informationpre-stored in the server of the data authentication platform.

In some embodiments, the various modules of the identity authenticationapparatus in FIG. 4 may be implemented as software instructions or acombination of software and hardware. For example, the identityauthentication apparatus (or referred to as a system) may comprise oneor more processors (e.g., CPU) and one or more non-transitorycomputer-readable storage memories coupled to the one or more processorsand configured with instructions executable by the one or moreprocessors to cause one or more components (e.g., the one or moreprocessors) of the system to perform various steps and methods of themodules described above (e.g., with reference to the methodembodiments). In some embodiments, the identity authentication apparatusmay include a server, a mobile phone, a tablet computer, a PC, a laptopcomputer, or a combination of one or more of these computing devices.

FIG. 5 is a schematic structural diagram of a number saving and sendingapparatus, according to an embodiment of this application. The schematicstructural diagram includes: a number and secret token receiving module505, a secret token matching module 510, a number saving module 515, arequest receiving module 520, an information obtaining module 525, aninformation matching module 530, a number obtaining module 535, and anumber sending module 540.

The number and secret token receiving module 505 is configured toreceive a registration number and a corresponding secret token of a usersent by a server of a data authentication platform.

The secret token matching module 510 is configured to match the receivedsecret token corresponding to the registration number of the user withpre-stored secret tokens sent by the server of the data authenticationplatform in batches, where the secret tokens sent in batches areassociated with pre-stored user identification information.

The number saving module 515 is configured to save the receivedregistration number of the user when the matching succeeds, where thesaved registration number of the user is associated with the pre-storeduser identification information of the user.

The request receiving module 520 is configured to receive a user numberbinding request sent by a third-party organization client, where theuser number binding request includes user authentication information anduser identification information.

The information obtaining module 525 is configured to obtain, accordingto the user identification information, user authentication informationpre-stored in a third-party organization server.

The information matching module 530 is configured to match the userauthentication information in the received user number binding requestwith the obtained user authentication information pre-stored in thethird-party organization server.

The number obtaining module 535 is configured to obtain the registrationnumber of the user according to the user identification information whenthe matching succeeds.

The number sending module 540 is configured to send the obtainedregistration number of the user to the third-party organization client.

Optionally, the third-party organization server pre-stores a unique IDcorresponding to the user identification information.

After the request receiving module receives the user number bindingrequest sent by the third-party organization client, the informationobtaining module 525 is further configured to obtain, according to theunique ID, the user authentication information pre-stored in thethird-party organization server.

Optionally, before receiving the registration number and thecorresponding secret token of the user sent by the server of the dataauthentication platform, the number and secret token receiving module505 is further configured to receive secret tokens respectivelygenerated by the server of the data authentication platform according toone or more registration numbers of one or more users.

In some embodiments, the various modules of the number saving andsending apparatus in FIG. 5 may be implemented as software instructionsor a combination of software and hardware. For example, the numbersaving and sending apparatus (or referred to as a system) may compriseone or more processors (e.g., CPU) and one or more non-transitorycomputer-readable storage memories coupled to the one or more processorsand configured with instructions executable by the one or moreprocessors to cause one or more components (e.g., the one or moreprocessors) of the system to perform various steps and methods of themodules described above (e.g., with reference to the methodembodiments). In some embodiments, the number saving and sendingapparatus may include a server, a mobile phone, a tablet computer, a PC,a laptop computer, or a combination of one or more of these computingdevices.

FIG. 6 is a schematic structural diagram of a number binding apparatus,according to an embodiment of this application. The schematic structuraldiagram includes: a request receiving module 605, a request sendingmodule 610, a number receiving module 615, and a result receiving module620.

The request receiving module 605 is configured to receive a user numberbinding request.

The request sending module 610 is configured to send the user numberbinding request to a third-party organization server, where the usernumber binding request includes user authentication information and useridentification information.

The number receiving module 615 is configured to receive, when thethird-party organization server succeeds in matching the userauthentication information, a registration number of a user sent by thethird-party organization server.

The result receiving module 620 is configured to receive a confirmationresult of the user for number binding, where the number binding issuccessful.

Optionally, the number receiving module 615 is configured to receive aregistration number selected by the user and sent by the third-partyorganization server; or receive each registration number of the usersent by the third-party organization server and obtain a registrationnumber selected by the user.

Optionally, the apparatus further includes a result confirming module,configured to: after the number receiving module receives theregistration number of the user sent by the third-party organizationserver, receive a confirmation result of the user for stopping numberbinding, the number binding being unsuccessful.

The embodiments of this application provide an identity authenticationdevice, including a memory and a processor, where the memory stores aprogram, and the program is configured to cause the processor to receivea user identity authentication request sent by a client of a dataauthentication platform, where the user identity authentication requestincludes user authentication information and user identificationinformation, and a server of the data authentication platform pre-storesuser authentication information and a registration number and a secrettoken that correspond to the user identification information; obtain,according to the user identification information, the userauthentication information pre-stored in the server of the dataauthentication platform; match the user authentication information inthe obtained user identity authentication request with the obtained userauthentication information pre-stored in the server of the dataauthentication platform; receive, when the matching succeeds, aconfirmation result of the user for obtaining registration number, wherethe confirmation result is sent by the client of the data authenticationplatform; obtain the registration number and the corresponding secrettoken of the user according to the received confirmation result; andsend the obtained registration number and corresponding secret token ofthe user to a third-party organization server.

The embodiments of this application provide a number saving and sendingdevice, including a memory and a processor, where the memory stores aprogram, and the program is configured to cause the processor to receivea registration number and a corresponding secret token of a user sent bya server of a data authentication platform; match the received secrettoken corresponding to the registration number of the user withpre-stored secret tokens sent by the server of the data authenticationplatform in batches, where the secret tokens sent in batches areassociated with pre-stored user identification information; save thereceived registration number of the user when the matching succeeds,where the saved registration number of the user is associated with thepre-stored user identification information of the user; receive a usernumber binding request sent by a third-party organization client, wherethe user number binding request includes user authentication informationand user identification information; obtain, according to the useridentification information, user authentication information pre-storedin a third-party organization server; match the user authenticationinformation in the received user number binding request with theobtained user authentication information pre-stored in the third-partyorganization server; obtain the registration number of the useraccording to the user identification information when the matchingsucceeds; and send the obtained registration number of the user to thethird-party organization client.

The embodiments of this application provide a number binding device,including a memory and a processor, where the memory stores a program,and the program is configured to cause the processor to receive a usernumber binding request and send the user number binding request to athird-party organization server, where the user number binding requestincludes user authentication information and user identificationinformation; receive, when the third-party organization server succeedsin matching the user authentication information, a registration numberof a user sent by the third-party organization server; and receive aconfirmation result of the user for number binding, where the numberbinding is successful.

In some embodiments, the various modules of the number binding apparatusin FIG. 6 may be implemented as software instructions or a combinationof software and hardware. For example, the number binding apparatus (orreferred to as a system) may comprise one or more processors (e.g., CPU)and one or more non-transitory computer-readable storage memoriescoupled to the one or more processors and configured with instructionsexecutable by the one or more processors to cause one or more components(e.g., the one or more processors) of the system to perform varioussteps and methods of the modules described above (e.g., with referenceto the method embodiments). In some embodiments, the number bindingapparatus may include a server, a mobile phone, a tablet computer, a PC,a laptop computer, or a combination of one or more of these computingdevices.

FIG. 7 is a schematic structural diagram of a system for identityauthentication, number saving and sending, and number binding, accordingto an embodiment of this application. The schematic structural diagramincludes an identity authentication apparatus 705, a number saving andsending apparatus 710, and a number binding apparatus 715.

A person skilled in the art should understand that the embodiments ofthis application may be provided as a method, a system, or a computerprogram product. Therefore, this application may be in a form ofcomplete hardware embodiments, complete software embodiments, orcombination of software and hardware. Moreover, this application may usea form of a computer program product that is implemented on one or morecomputer-usable storage media (including but not limited to a diskmemory, a CD-ROM, an optical memory, and the like) that includecomputer-usable program code.

This application is described with reference to the flowcharts and/orblock diagrams of the method, the device (system), and the computerprogram product according to the embodiments. It should be understoodthat computer program instructions can implement each procedure and/orblock in the flowcharts and/or block diagrams and a combination ofprocedures and/or blocks in the flowcharts and/or block diagrams. Thesecomputer program instructions may be provided to a general-purposecomputer, a general-purpose computer, an embedded processor, or aprocessor of another programmable data processing device to generate amachine, so that an apparatus configured to implement functionsspecified in one or more procedures in the flowcharts and/or one or moreblocks in the block diagrams is generated by using instructions executedby the general-purpose computer or the processor of another programmabledata processing device.

These computer program instructions may also be stored in a computerreadable memory that can guide a computer or another programmable dataprocessing device to work in a specific manner, so that the instructionsstored in the computer readable memory generate a product including aninstruction apparatus, where the instruction apparatus implementsfunctions specified in one or more procedures in the flowcharts and/orone or more blocks in the block diagrams.

These computer program instructions may also be loaded into a computeror another programmable data processing device, so that a series ofoperation steps are performed on the computer or another programmabledata processing device to generate processing implemented by a computer,and instructions executed on the computer or another programmable dataprocessing device provide steps for implementing functions specified inone or more procedures in the flowcharts and/or one or more blocks inthe block diagrams.

In a typical configuration, the computer device includes one or moreprocessors (CPUs), an input/output interface, a network interface, and amemory.

The memory may include a form such as a persistent memory, arandom-access memory (RAM) and/or a non-transitory memory ofcomputer-readable media, for example, a read-only memory (ROM) or aflash memory (RAM). The memory is an example of the computer-readablemedium.

The computer-readable medium includes a persistent medium and anon-persistent medium, a removable medium and a non-removable medium,which may implement storage of information by using any method ortechnology. The information may be a computer-readable instruction, adata structure, a module of a program or other data. Examples of astorage medium of a computer includes, but is not limited to, a phasechange memory (PRAM), a static random access memory (SRAM), a dynamicrandom access memory (DRAM), or other types of random access memory(RAM), a read-only memory (ROM), an erasable programmable read onlymemory (EEPROM), a flash memory or another storage technology, a compactdisc read-only memory (CD-ROM), a digital versatile disc (DVD) oranother optical storage, or a cartridge tape. A magnetic storage of amagnetic tape or a disc, another magnetic storage device, or any othernon-transmission medium may be configured to store information that canbe accessed by a computing device. Based on the definition in thisapplication, the computer-readable medium does not include transitorycomputer-readable media (transitory media), such as a modulated datasignal and a carrier.

It should also be noted that the terms “include,” “comprise” and anyother variants mean to cover the non-exclusive inclusion. Thereby, theprocess, method, article, or device which include a series of elementsnot only include those elements, but also include other elements whichare not clearly listed, or include the inherent elements of the process,method, article and device. Without further limitation, the elementdefined by a phrase “include one . . . ” does not exclude other sameelements in the process, method, article or device which include theelement.

The descriptions are merely embodiments of this application, and are notintended to limit the embodiments of this application. For a personskilled in the art, various modifications and changes may be made tothis application. Any modifications, equivalent replacements, andimprovements made within the spirit and principle of this applicationshall fall within the scope of the claims of this application.

What is claimed is:
 1. A computer-implemented authentication method foridentity authentication and registration number binding, comprising:receiving, by one or more servers of a data authentication platform, auser identity authentication request of a user sent by a client of thedata authentication platform, wherein the user identity authenticationrequest comprises first user authentication information and useridentification information, and the one or more servers of the dataauthentication platform pre-store second user authentication informationand a registration number and a secret token that correspond to the useridentification information; obtaining, by the one or more serversaccording to the user identification information, the second userauthentication information pre-stored in the one or more servers of thedata authentication platform; matching, by the one or more servers, thefirst user authentication information in the received user identityauthentication request with the obtained second user authenticationinformation pre-stored in the one or more servers of the dataauthentication platform; in response to the matching succeeding and inresponse to receiving, by the one or more servers from the client of thedata authentication platform, a request for obtaining the registrationnumber, obtaining, by the one or more servers, the registration numberand the secret token that correspond to the user identificationinformation, wherein obtaining the registration number and the secrettoken comprises: sending a plurality of registration numbers of the userto the client of the data authentication platform, and obtaining theregistration number that is selected by the user from the plurality ofregistration numbers from the client and the secret token thatcorresponds to the registration number selected by the user; andsending, by the one or more servers, the obtained registration numberand the secret token to a third-party organization server.
 2. The methodaccording to claim 1, wherein before receiving the user identityauthentication request sent by the client of the data authenticationplatform, the method further comprises: generating, by the one or moreservers, the secret token that corresponds to the user identificationinformation by using the registration number that corresponds to theuser identification information; and sending, by the one or moreservers, the generated secret token to the third-party organizationserver.
 3. The method according to claim 1, wherein the one or moreservers of the data authentication platform pre-store a uniqueidentification (ID) corresponding to the user identificationinformation; and after receiving the user identity authenticationrequest sent by the client of the data authentication platform, themethod further comprises: obtaining, by the one or more serversaccording to the unique ID, the second user authentication informationpre-stored in the one or more servers of the data authenticationplatform.
 4. The method according to claim 1, further comprising:receiving, by the third-party organization server, the registrationnumber and the secret token from the one or more servers of the dataauthentication platform; matching, by the third-party organizationserver, the received secret token corresponding to the registrationnumber with pre-stored secret tokens sent by the one or more servers ofthe data authentication platform; in response to the matching betweenthe received secret token and the pre-stored secret tokens succeeding,saving, by the third-party organization server, the receivedregistration number in association with pre-stored user identificationinformation in the third-party organization server; receiving, by thethird-party organization server, a user number binding request from athird-party organization client, wherein the user number binding requestcomprises the first user authentication information and the useridentification information; obtaining, by the third-party organizationserver according to the user identification information, third userauthentication information pre-stored in the third-party organizationserver; matching, by the third-party organization server, the first userauthentication information in the received user number binding requestwith the obtained third user authentication information pre-stored inthe third-party organization server; in response to the matching betweenthe first user authentication information and the third userauthentication information succeeding, obtaining, by the third-partyorganization server, the saved registration number according to the useridentification information in the received user number binding request;and sending, by the third-party organization server, the obtained savedregistration number to the third-party organization client.
 5. Themethod according to claim 4, wherein the third-party organization serverpre-stores a unique identification (ID) corresponding to the useridentification information; and after receiving the user number bindingrequest from the third-party organization client, the method furthercomprises: obtaining, by the third-party organization server accordingto the unique ID, the third user authentication information pre-storedin the third-party organization server.
 6. The method according to claim5, wherein before receiving the registration number and the secret tokenfrom the one or more servers of the data authentication platform, themethod further comprises: receiving, by the third-party organizationserver, the secret token from the one or more servers of the dataauthentication platform, wherein the secret token is generated by theone or more servers of the data authentication platform according to theregistration number.
 7. The method according to claim 4, furthercomprising: receiving, by the third-party organization client, theregistration number of the user from the third-party organizationserver; and receiving, by the third-party organization client, aconfirmation by the user for binding the registration number.
 8. Themethod according to claim 7, wherein receiving the registration numberfrom the third-party organization server comprises: receiving aregistration number selected by the user and sent by the third-partyorganization server; or receiving each registration number sent by thethird-party organization server and obtaining a registration numberselected by the user.
 9. The method according to claim 4, wherein theregistration number corresponds to a payment account, and the methodfurther comprises: receiving, by the third-party organization serverfrom the third-party organization client, a confirmation of theregistration number sent from the third-party organization server,wherein the confirmation indicates a success in binding the paymentaccount with a payment application maintained by the third-partyorganization server and accessible from the third-party organizationclient.
 10. One or more non-transitory computer-readable storage mediastoring instructions executable by one or more processors, whereinexecution of the instructions causes the one or more processors toperform operations comprising: receiving a user identity authenticationrequest of a user sent by a client of a data authentication platform,wherein the user identity authentication request comprises first userauthentication information and user identification information, and oneor more servers of the data authentication platform pre-store seconduser authentication information and a registration number and a secrettoken that correspond to the user identification information; obtaining,according to the user identification information, the second userauthentication information pre-stored in the one or more servers of thedata authentication platform; matching the first user authenticationinformation in the received user identity authentication request withthe obtained second user authentication information pre-stored in theone or more servers of the data authentication platform; in response tothe matching succeeds and in response to receiving, from the client ofthe data authentication platform, a request for obtaining theregistration number, obtaining the registration number and the secrettoken that correspond to the user identification information, whereinobtaining the registration number and the secret token comprises:sending a plurality of registration numbers of the user to the client ofthe data authentication platform, and obtaining the registration numberthat is selected by the user from the plurality of registration numbersfrom the client and the secret token that corresponds to theregistration number selected by the user; and sending the obtainedregistration number and secret token to a third-party organizationserver.
 11. The one or more non-transitory computer-readable storagemedia according to claim 10, wherein before receiving the user identityauthentication request sent by the client of the data authenticationplatform, the operations further comprise: generating the secret tokenby using the registration number; and sending the generated secret tokento the third-party organization server.
 12. The one or morenon-transitory computer-readable storage media according to claim 10,wherein the operations further comprise: receiving the registrationnumber and the secret token from the one or more servers of the dataauthentication platform; matching the received secret tokencorresponding to the registration number with pre-stored secret tokenssent by the one or more servers of the data authentication platform; inresponse to the matching between the received secret token and thepre-stored secret tokens succeeding, saving the received registrationnumber in association with pre-stored user identification information inthe third-party organization server; receiving a user number bindingrequest from a third-party organization client, wherein the user numberbinding request comprises the first user authentication information andthe user identification information; obtaining, according to the useridentification information, third user authentication informationpre-stored in the third-party organization server; matching the firstuser authentication information in the received user number bindingrequest with the obtained third user authentication informationpre-stored in the third-party organization server; in response to thematching between the first user authentication information and the thirduser authentication information succeeding, obtaining the savedregistration number according to the user identification information inthe received user number binding request; and sending the obtained savedregistration number to the third-party organization client.
 13. The oneor more non-transitory computer-readable storage media according toclaim 12, wherein the operations further comprise: receiving theregistration number from the third-party organization server; andreceiving a confirmation by the user for binding the registrationnumber.
 14. The one or more non-transitory computer-readable storagemedia according to claim 12, wherein the registration number correspondsto a payment account, and the operations further comprise: receiving,from the third-party organization client, a confirmation of theregistration number sent from the third-party organization server,wherein the confirmation indicates a success in binding the paymentaccount with a payment application maintained by the third-partyorganization server and accessible from the third-party organizationclient.
 15. A system comprising one or more processors and one or morenon-transitory computer-readable memories coupled to the one or moreprocessors and configured with instructions executable by the one ormore processors to cause the system to perform operations comprising:receiving a user identity authentication request of a user sent by aclient of a data authentication platform, wherein the user identityauthentication request comprises first user authentication informationand user identification information, and one or more servers of the dataauthentication platform pre-store second user authentication informationand a registration number and a secret token that correspond to the useridentification information; obtaining, according to the useridentification information, the second user authentication informationpre-stored in the one or more servers of the data authenticationplatform; matching the first user authentication information in thereceived user identity authentication request with the obtained seconduser authentication information pre-stored in the one or more servers ofthe data authentication platform; in response to the matching succeedingand in response to receiving, from the client of the data authenticationplatform, a request for obtaining the registration number, obtaining theregistration number and the secret token that correspond to the useridentification information, wherein obtaining the registration numberand the secret token comprises: sending a plurality of registrationnumbers of the user to the client of the data authentication platform,and obtaining the registration number that is selected by the user fromthe plurality of registration numbers from the client and the secrettoken that corresponds to the registration number selected by the user;and sending the obtained registration number and the secret token to athird-party organization server.
 16. The system according to claim 15,wherein before receiving the user identity authentication request sentby the client of the data authentication platform, the operationsfurther comprise: generating the secret token by using the registrationnumber; and sending the generated secret token to the third-partyorganization server.
 17. The system according to claim 15, wherein theoperations further comprise: receiving the registration number and thesecret token from the one or more servers of the data authenticationplatform; matching the received secret token corresponding to theregistration number with pre-stored secret tokens sent by the one ormore servers of the data authentication platform; in response to thematching between the received secret token and the pre-stored secrettokens succeeding, saving the received registration number inassociation with pre-stored user identification information in thethird-party organization server; receiving a user number binding requestfrom a third-party organization client, wherein the user number bindingrequest comprises the first user authentication information and the useridentification information; obtaining, according to the useridentification information, third user authentication informationpre-stored in the third-party organization server; matching the firstuser authentication information in the received user number bindingrequest with the obtained third user authentication informationpre-stored in the third-party organization server; in response to thematching between the first user authentication information and the thirduser authentication information succeeding, obtaining the savedregistration number according to the user identification information inthe received user number binding request; and sending the obtained savedregistration number to the third-party organization client.
 18. Thesystem according to claim 17, wherein the operations further comprise:receiving the registration number from the third-party organizationserver; and receiving a confirmation by the user for binding theregistration number.
 19. The system according to claim 17, wherein theregistration number corresponds to a payment account, and the operationsfurther comprise: receiving, from the third-party organization client, aconfirmation of the registration number sent from the third-partyorganization server, wherein the confirmation indicates a success inbinding the payment account with a payment application maintained by thethird-party organization server and accessible from the third-partyorganization client.